TYPO3 News & Events Hub
What’s New & What’s Coming
Cross-Site Scripting in third party library mso/idna-convert
It has been discovered, that TYPO3 ships example code of mso/idna-convert library that is vulnerable to Cross-Site Scripting
Read moreEnvironment Variable Injection
It has been discovered, that PHP exposes the risk of Environment Variable Injection and TYPO3 is vulnerable through third party library guzzlehttp/guzzle
Cross-Site Scripting vulnerability in typolinks
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
Information Disclosure in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Information Disclosure.
SQL Injection in TYPO3 Frontend Login
It has been discovered, that TYPO3 is susceptible to SQL Injection.
Insecure Unserialize in TYPO3 Import/Export
It has been discovered, that TYPO3 is susceptible to Insecure Unserialize.
Cross-Site Scripting in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
Insecure Unserialize in extension "Page path" (pagepath)
It has been discovered that the extension "Page path" (pagepath) is susceptible to Insecure Unserialize.
Cross-Site Scripting in extension "CCDebug" (cc_debug)
It has been discovered that the extension "CCDebug" (cc_debug) is susceptible to Cross-Site Scripting.
Crowdfunding features in TYPO3 v8 - ckeditor Integration
The goals set for TYPO3 v8 LTS, to be released in April 2017, have raised high expectations. While a lot of groundwork is being laid, TYPO3 association member Pixelant AB with their very active CEO Robert Lindh in the TYPO3 community, has offered to...
Releasing TYPO3 v8.2
Today, the TYPO3 community published the next iteration of TYPO3 v8, the enterprise content management system. TYPO3 v8.2 is a sprint release, a stable release on the way to the final TYPO3 v8 LTS planned for spring 2017.
Report on the Server Admin Team sprint in Hannover (May 2016)
It's already a few weeks ago that the second sprint of the TYPO3 Server Admin Team in 2016 took place. The team met on the weekend of May 20-22 in Hannover.
Codesprint: We have never been to Sweden before ...
The Core Team goes north - code sprint 09.07. - 12.07.16 in Malmoe / Sweden
Cross-Site Scripting in extension "Bootstrap Package" (bootstrap_package)
It has been discovered that the extension "Bootstrap Package" (bootstrap_package) is susceptible to Cross-Site Scripting.
April & May (2016) diary of the TYPO3 Association
Quarterly Meeting, Dialogue Day, General Assembly, typo3.inc, typo3.com and updated memberlistings
TYPO3 Award, October 27 in Munich - CALL FOR NOMINATIONS
During the international TYPO3 Award, the who-is-who of the business will meet again to celebrate the best TYPO3 projects from agencies and customers. The awards ceremony will take place as a gala event on the evening of October 27 in the Munich...
Register now for a TYPO3 Agency Meetup 2016 near you!
The marketing team has now finished the preparation and schedule for the 2016 Agency Meetup Days. Register now for an event in your area
TYPO3 Conference “T3CON16,” October 26-27 in Munich - Call for Speakers and Papers
Under the motto "MAKE INNOVATION HAPPEN," the world's largest event for the TYPO3 community will be held this year in Munich from October 26-27. By organizing both a Business Day and a Future Day, IT decision makers, agencies, marketing managers,...
Information Disclosure in "MMC directmail subscription" (mmc_directmail_subscription)
It has been discovered that the extension "MMC directmail subscription" (mmc_directmail_subscription) is susceptible to Information Disclosure.
Multiple vulnerabilities in extension "http:BL Blocking" (mh_httpbl)
It has been discovered that the extension "http:BL Blocking" (mh_httpbl) is susceptible to SQL Injection and Cross-Site Scripting.